Main Vulnerability Database Vulnerabilities #VU82231

Improperly implemented security check for standard in Juniper Junos OS - CVE-2023-44181

Published: October 18, 2023

Vulnerability identifier: #VU82231

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-44181

CWE-ID: CWE-358

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly implemented security check for standard error in storm control when Storm control is enabled and ICMPv6(internet control message protocol) packets are present on device. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Remediation

Install updates from vendor's website.

External links

https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5k-l2-loop-in-the-overlay-impacts-the-stability-in-a-EVPN-VXLAN-environment-CVE-2023-44181

Improperly implemented security check for standard in Juniper Junos OS - CVE-2023-44181

Description

Remediation

External links

Please verify you're human